Wireshark mailing list archives

Re: How to use Wireshark dissectors and header fields? (looking for "WORKING" examples for windows)


From: Jaap Keuter <jaap.keuter () xs4all nl>
Date: Sat, 9 Sep 2017 11:38:11 +0200

Hi,

Take it in small steps Padawan, gaining experience takes time.
Q1: See the reply from Pascal earlier.
Q2: C and Lua are fundamentally different programming languages.
        - C is used for the main program and all built-in dissectors. These are the most capable.
        - Lua is used as an extension language. It allows adding (simpler) dissectors to Wireshark without the need to recompile it.
Q3: As README.dissector can tell you in more detail, header fields are constructs to define how raw data is to be presented by a dissector.
You use functions to extract data from a certain place in the received packet and use the header field to define the presentation.
The header field may even define a subset of the retrieved data, and interpretations of this data.
Q4: Read the Wireshark Developers Guide (that’s not README.dissector!) one chapter at a time.
Q5: The Wireshark source code repository is full of C dissectors. There is no central repository for Lua dissectors, but a search on GitHub should yield some.
Q6: Header fields are constructs used in dissectors to define data representation. There is no choosing between them.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
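As an added illustration of the Q2/Q3 answers above (this is example code written for this page, not code from the original reply or from the Wireshark project), the following Lua dissector shows what "header fields define the presentation" means in practice: the dissector pulls bytes out of the packet, and the ProtoField definitions decide how those bytes are displayed, including a bitmask that presents a subset of one byte, and a value-string table that gives the raw number an interpretation. The protocol ("demoproto", a 4-byte header on UDP port 7777) and its field names are hypothetical and exist only for this example.

```lua
-- Hypothetical protocol for this example only (not a real protocol):
--   byte 0 : high nibble = version, low nibble = flags (bit0 encrypted, bit1 fragment)
--   byte 1 : message type (1 = Request, 2 = Response, 3 = Error)
--   bytes 2-3 : payload length, big-endian
--   bytes 4.. : payload
local demo = Proto("demoproto", "Demo Protocol (hypothetical)")

-- Value strings: a header field can attach an interpretation to a raw number.
local msg_types = {
  [1] = "Request",
  [2] = "Response",
  [3] = "Error",
}

-- Header fields: these only describe presentation (name, filter abbreviation,
-- base, optional value string, optional bitmask). They extract nothing themselves.
local f = demo.fields
f.version  = ProtoField.uint8 ("demoproto.version",          "Version",        base.DEC, nil, 0xF0)
f.flags    = ProtoField.uint8 ("demoproto.flags",            "Flags",          base.HEX, nil, 0x0F)
f.flag_enc = ProtoField.bool  ("demoproto.flags.encrypted",  "Encrypted",      8, nil, 0x01)
f.flag_frg = ProtoField.bool  ("demoproto.flags.fragment",   "Fragment",       8, nil, 0x02)
f.msgtype  = ProtoField.uint8 ("demoproto.type",             "Message type",   base.DEC, msg_types)
f.length   = ProtoField.uint16("demoproto.length",           "Payload length", base.DEC)
f.payload  = ProtoField.bytes ("demoproto.payload",          "Payload")

-- Expert info for the one consistency check a dissector should never skip:
-- a declared length that is larger than the bytes actually present.
local ef_len = ProtoExpert.new("demoproto.length.bad",
  "Declared payload length exceeds captured data",
  expert.group.MALFORMED, expert.severity.ERROR)
demo.experts = { ef_len }

function demo.dissector(tvb, pinfo, tree)
  local captured = tvb:len()
  if captured < 4 then
    return 0            -- too short for our header: tell Wireshark we did not dissect it
  end

  pinfo.cols.protocol = demo.name
  local subtree = tree:add(demo, tvb(), "Demo Protocol")

  -- The same single byte feeds four header fields; the bitmasks on the field
  -- definitions select which bits each item presents.
  subtree:add(f.version, tvb(0, 1))
  local flags_tree = subtree:add(f.flags, tvb(0, 1))
  flags_tree:add(f.flag_enc, tvb(0, 1))
  flags_tree:add(f.flag_frg, tvb(0, 1))

  -- Raw value 1/2/3 is shown as Request/Response/Error via the value string.
  subtree:add(f.msgtype, tvb(1, 1))

  local length_item = subtree:add(f.length, tvb(2, 2))
  local declared    = tvb(2, 2):uint()
  local available   = captured - 4

  -- Never trust the declared length: clamp to what is really there and flag it.
  if declared > available then
    length_item:add_proto_expert_info(ef_len)
  end
  local payload_len = math.min(declared, available)
  if payload_len > 0 then
    subtree:add(f.payload, tvb(4, payload_len))
  end

  local tname = msg_types[tvb(1, 1):uint()] or "Unknown"
  pinfo.cols.info = string.format("%s, %d byte(s) payload", tname, declared)

  return captured     -- number of bytes consumed
end

-- Register on a (hypothetical) UDP port so Wireshark knows when to call us.
DissectorTable.get("udp.port"):add(7777, demo)
```

Load it without recompiling anything, which is the point of the Lua route: either drop the file into the personal plugins directory or run `tshark -X lua_script:demoproto.lua -r capture.pcapng`. Once loaded, the abbreviations given to the ProtoField constructors ("demoproto.type", "demoproto.flags.encrypted", ...) work as display-filter names, which is the other job a header field does besides presentation.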
